Google, Apple, Microsoft, Amazon, IBM and other US technology companies are joining forces in the fight against hacking attacks and cybercrime. In the coming years, they will allocate billions of dollars to improve the cybersecurity and digital resilience of the private sector. Socially disruptive attacks such as on Colonial Pipeline should be prevented in the future.
The tech companies made this commitment on Wednesday when they spoke to President Joe Biden about (the consequences of) cybercrime in the US, Reuters news agency reported.
US ravaged by cyber attacks
In recent months, the US has been hit several times by large-scale cyber attacks. For example, hackers carried out a supply chain attack on SolarWinds at the end of last year. The attackers added the Sunburst backdoor to Orion Network Management Tools, an application that allows customers to remotely monitor corporate networks, databases, servers and web applications. As a result, the perpetrators managed to infiltrate the computer systems of hundreds of political authorities, local authorities and the business community.
In May, Colonial Pipeline was the target of a ransomware attack, believed to be carried out by the Russian hacker group DarkSide. Using a leaked password from a VPN account without multi-factor authentication, they managed to install ransomware on the oil company’s corporate network. They also stole 100 GB of confidential information from the company and employees. To limit the impact of the cyberattack, CEO Joseph Blount decided to pay the hackers $4.4 million in ransom.
Something similar happened to meat producer JBS. Ransomware also halted business production there. CEO Andre Nogueira paid $11 million in ransom to the attackers. “It was a very difficult decision to make for our company and me personally. However, we felt that we had to make this decision to avoid any risk to our customers,” he told the press at the time.
Finally, a chain attack via software supplier Kaseya caused a lot of misery worldwide. Via a zero-day exploit in the software Virtual System Administrator (VSA), the Russian hacker collective REvil managed to install ransomware undetected at about 1,500 companies worldwide, including some Dutch ones. Soon enough, a universal decryptor or decryption key surfaced, eliminating the need for victims to pay a ransom.
Biden: ‘Government cannot face this challenge alone’
The multitude of cyberattacks and their impact on society prompted President Biden to conclave with the CEOs of the country’s largest technology companies. This meeting took place on Wednesday. Attendees included Andy Jassy (Amazon), Tim Cook (Apple), Satya Nadella (Microsoft), Sundar Pichai (Alphabet, the parent company of Google) and Arvind Krishna (IBM).
The president urged executives to raise the bar in the fight against hackers and cybercrime. “The federal government cannot face this challenge alone. You have the power, the capacity and the responsibility to act against this,” Biden told the tech leaders. According to him, there is still much to do to protect the private sector against hackers and cyber-attacks.
Tech companies pull out their wallets
After the meeting, the CEOs came out with good news. To the media present, they promised to put their best foot forward and do more to keep hackers out. The Amazon CEO said he would offer free cybersecurity training and that some customers would receive devices with multi-factor authentication. IBM will train 150,000 people over the next three years to improve their cybersecurity skills.
Google says it will allocate $10 billion to cybersecurity over the next five years. In addition, 100,000 Americans will have the opportunity to earn a certificate to demonstrate their digital skills. This certificate is recognized throughout the industry and offers the prospect of finding a well-paid job in the IT sector.
Microsoft is also pulling the wallet and will invest $20 billion in cybersecurity over the next five years. That is a quadrupling of the current budget. In addition, the US hardware and software company is allocating $150 million to provide technical services to government agencies at the local, state and federal levels to help keep their systems up to date.
Vishaal Hariprasad, CEO of the insurance company Resilience Cyber Insurance Solutions, will work with the government to establish minimum cybersecurity requirements. Companies that want to insure themselves against the consequences of cyber-attacks must comply with this. The company thinks this will kill two birds with one stone: entrepreneurs are tightening up their information security and at the same time taking measures against hackers.
Catch up on more articles here
Follow us on Twitter here